The increase in digital presence in companies will substantially alter how security professionals approach data security. More than ever before, security professionals are now integrated with digital business decisions, and as such must work with business leaders to ensure the protection and safety of the organization.
“Security now means taking a holistic approach to all aspects of security,” said Earl Perkins, research vice president at Gartner, during a presentation at Gartner Security & Risk Summit. “Digital security is the next evolution in cybersecurity to protect this pervasive digital presence.”
Seek balance
As security moves to an embedded state within even the edges of the organization, security professionals will be under increasing pressure to balance risk and resilience, said Mr. Perkins. The goal will be to balance the management of risk within an enterprise with the increasing need for responsiveness and open concept requirements.
To balance risk and resiliency, security professionals should look to create methods that allow for fast-tracking ways to address security concerns and demonstrating agility.
Accelerate skills generation and convergence
As security trends shift, the organization should include new skill sets such as data science, physical security automation and ubiquitous identity management, said Mr. Perkins. It will be challenging to find all these people, and external services will become increasingly important. For current employees, organizations must identify current skills gaps and focus on creating “versatilists” who are capable of fulfilling these varied requirements.
Grow a secure digital supply chain
As the amount of software involved in the traditional supply chain grows, digital technologies will create a matching digital supply chain using cloud services, said Mr. Perkins. Security professionals should develop a strategy for public clouds, gauge whether the company’s private cloud strategy can be applied and create a cloud lifecycle governance approach. Finally, he advised companies to implement these strategies over time so that cloud security does not become diffused across too many players.
Embrace adaptive security architecture
Companies already have a myriad of products related to security, prevention, detection and response, said Mr. Perkins. Security leaders must shift their mindset from incident response to continuous response, spend less time on prevention and invest in detection and response. Context-aware networks are able to provide multiple sources of information that security professionals can use to determine if an attack is taking place. Enterprises should architect for comprehensive, continuous security to provide visibility across different layers for future security.
Adapt security infrastructure
[to continue, click HERE]